Innovation in compliance translates to a business advantage for companies. This can be easily seen in the introduction of Artificial Intelligence (AI) into a compliance program by bringing technology that will improve the efficiency of compliance and will assist in the operationalization of compliance into fabric of every business that embraces it.

Consider the basic lifeblood of every large multi-national corporation which does business outside the US and is therefore subject to the Foreign Corrupt Practices Act (FCPA): the lifecycle of contracting. One can break the sales cycle down into the following:

  1. Pre-sale-RFP/Bid/Sales initiative;
  2. Responding to RFP/making a bid;
  3. Negotiations; and
  4. Post-contract execution and delivery.

Assuming you use an employee-based sales effort, as opposed to a third party focused sales effort, what are some of the compliance questions you might face in the Pre-Sales phase? It could include some of the following: What is the aggregate spending on any one government official over a 12-month period by one Business Development (BD) representative? What is the BD spend on one governmental official by several BD representatives? Has there been any travel involved to tour company facilities by representatives of a foreign government, agency or state-owned enterprise? What was the aggregate BD spend for the entire country, region or business unit and was it correlated with other gift, travel and entertainment spends?

Each of these steps could provide data, which taken singularly might not raise any red flags or even be outside company specifications but taken as a whole it might be a transaction which would lend itself to compliance oversight. Patrick Taylor, President and Chief Executive Officer (CEO) of Oversight Systems, Inc. has noted that AI allows the compliance practitioner to understand the “subtle clues in that pattern of activity that will clue me in to take a different look”. He likened to seeing a pattern in “raked leaves” which allows you to then step in and take a deeper and broader look at an issue, either through an audit or investigation. This is where the compliance practitioner can step back and literally keep an eye on the big picture and longer term as opposed to just the immediate numbers and information in front of them. It may also be the best hope for finding that kind of systemic fraudulent behavior.

Next consider the data points in the contract negotiations stage. Were any discounts offered outside the standard discount range? If so were these discounts properly vetted through the internal company process? Was this process documented and was there senior management sign-off in place? Did the customer suggest the use of any third parties as suppliers to the prime contract? Were there any charitable donations requested by the customer? Were there any charitable donations made during any part of this process or within 12 months after a successful contract negotiation? Was the contract properly vetted by all required internal processes: by management, legal, and compliance?

If the business function was successful in concluding the contract; did it specify any travel for the customer? How about ongoing training and if so where and for how long? Was there a specification of business class or above travel accommodations? Has any required compliance or FCPA training been delivered to third parties involved in the contract? Was there any Corporate Social Responsibility (CSR) requirement going forward? Does compliance have visibility into this or does is go through a company charitable donation group or committee?

When was the last time your compliance function considered gift, travel and entertainment spend after the contract was executed as potential corruption for a contract previously granted? Starting with the BD representatives, what was their spend on gifts, meals and entertainment for the foreign officials who signed or approved the contract? Even if that information is not available to the compliance department it is available from employee reimbursement requests so it can be used to take an appropriate business deduction from the Internal Revenue Service (IRS).

These are but some of the data points which could be inputted and analyzed to determine if any compliance issues arose. But they would also provide the company with a wealth of information on its internal efficiencies around sales and their corresponding processes. Such a use of data holds both promise and challenge for Chief Compliance Officers (CCOs). However, when a compliance function embraces the use of innovation in the form of a human and technological approach for forecasting and risk assessments and then keeps improving their risk management techniques, it will create a sustainable strategic business, compliance and intelligence advantage over its competition.


The above is based on an excerpt from my latest book, The Complete Compliance Handbook, which contains an entire chapter on Innovation in Compliance. For more information on this topic and the full panoply of the design, creation and implementation of an operationalized compliance program, check out my book on

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2018